Keyring Pro

1. Use a test Policy

Use our Keyring Pro Test Policy (ID: 6 see here). It includes standard checks to test individual and business onboardings. Policy setup:

Data sources: using you own compliance desk.
Rule:
- Individual users: valid according to the policy owner response.
- Business users: valid according to the policy owner response.
Other parameters:
- Refresh rate: 1 year

Note that we are not simulating Know-Your-Wallet checks on Sepolia.

🔗 Address of the deployed Sepolia Policy Manager contract.

2. On-chain Permissioning

Hook your chosen functions with permissioning reading from the Keyring contract, for Test Policy 6. The hook uses a view function on the Cache, which maps wallet addresses to Policy IDs. Here, it will verify that a user wallet has valid credentials for Policy 6.

if(!keyring.checkCredential(policyId, msg.sender)) {
    revert Unauthorized();
}

Given the KeyringCredentialView contract's checkCredential function is view-only, it can be integrated into state-changing and non-state-changing code blocks.

The Keyring view function checkCredential will return a boolean value if the given address (in this case the msg.sender) is authorised or not for the given Policy ID.

Example: Euler v2

In our Euler v2 example, we want to create an ERC4626-compatible vault where any base asset deposit or withdrawal is permissioned using Keyring Cache.

Note that typically, it would be wise to guard the base ERC4626 functions, mint / redeem / deposit / withdraw to prevent direct interaction with the pool.

We also want to gate the transfer / transferFrom ERC20 methods to prevent secondary vault token transfers.

Part 1: Hook initialisation. This modifier can be added to any function. It guards the execution so that only whitelisted wallets can perform the permissioned action.

 modifier checkKeyring() {
    if (!keyring.checkCredential(policyId, getAddressFromMsgData())) {
        revert KeyringCheckFailed();
    }
    _;
}

Code example available here: https://github.com/euler-xyz/euler-vault-kit/blob/feat/poc-keyring/src/Hooks/KeyRingHook.sol

Part 2: Include hook in relevant functions. In our example, we would guard the following ERC4626 functions: mint / redeem / deposit / withdraw, and the transfer / transferFrom ERC20 methods to prevent secondary vault token transfers.

Here's an example of how it's done for the deposit function:

function deposit(uint256 amount, address receiver) public override checkKeyring nonReentrant returns (uint256) {
    return super.deposit(amount, receiver);
}

Useful links

🔗 Keyring Contract deployed on Sepolia

3. Test User Flow

Test the end-to-end user journey on the Keyring app.

You'll need Sepolia ETH to create your credentials. You can get some here:

🔗 Alchemy

🔗 Infura

🔗 Mining faucet

Navigate to https://sandbox-titan.app.keyring.network/ and test the user journey with your own Sepolia test environment. Complete the mock onboarding for Policy 6.

We are mocking the checks so you don't need to input real data for onboarding, and you can also "skip onboarding" to yield a successful onboarding response and test the flow.

PreviousKeyring Connect NextData Flow

Last updated 1 month ago

1. Use a test Policy

Use our Keyring Pro Test Policy (ID: 6 see here). It includes standard checks to test individual and business onboardings. Policy setup:

Data sources: using you own compliance desk.

Rule:

Individual users: valid according to the policy owner response.
Business users: valid according to the policy owner response.

Other parameters:

Refresh rate: 1 year

Note that we are not simulating Know-Your-Wallet checks on Sepolia.

🔗 Address of the deployed Sepolia Policy Manager contract.

2. On-chain Permissioning

if(!keyring.checkCredential(policyId, msg.sender)) {
    revert Unauthorized();
}

Given the KeyringCredentialView contract's checkCredential function is view-only, it can be integrated into state-changing and non-state-changing code blocks.

The Keyring view function checkCredential will return a boolean value if the given address (in this case the msg.sender) is authorised or not for the given Policy ID.

Example: Euler v2

In our Euler v2 example, we want to create an ERC4626-compatible vault where any base asset deposit or withdrawal is permissioned using Keyring Cache.

Note that typically, it would be wise to guard the base ERC4626 functions, mint / redeem / deposit / withdraw to prevent direct interaction with the pool.

We also want to gate the transfer / transferFrom ERC20 methods to prevent secondary vault token transfers.

Part 1: Hook initialisation. This modifier can be added to any function. It guards the execution so that only whitelisted wallets can perform the permissioned action.

 modifier checkKeyring() {
    if (!keyring.checkCredential(policyId, getAddressFromMsgData())) {
        revert KeyringCheckFailed();
    }
    _;
}

Code example available here: https://github.com/euler-xyz/euler-vault-kit/blob/feat/poc-keyring/src/Hooks/KeyRingHook.sol

Here's an example of how it's done for the deposit function:

function deposit(uint256 amount, address receiver) public override checkKeyring nonReentrant returns (uint256) {
    return super.deposit(amount, receiver);
}

Useful links

🔗 Keyring Contract deployed on Sepolia

3. Test User Flow

Test the end-to-end user journey on the Keyring app.

You'll need Sepolia ETH to create your credentials. You can get some here:

🔗 Alchemy

🔗 Infura

🔗 Mining faucet

Navigate to https://sandbox-titan.app.keyring.network/ and test the user journey with your own Sepolia test environment. Complete the mock onboarding for Policy 6.

We are mocking the checks so you don't need to input real data for onboarding, and you can also "skip onboarding" to yield a successful onboarding response and test the flow.